Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   12896 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

SSL_CTX_set_session_id_context(3)	     SSL_CTX_set_session_id_context(3)

NAME
       SSL_CTX_set_session_id_context,	SSL_set_session_id_context  - Set con‐
       text within which session can be reused (server side only)

SYNOPSIS
       #include <openssl/ssl.h>

       int SSL_CTX_set_session_id_context(
	       SSL_CTX	   *ctx,     const     unsigned	    char     *sid_ctx,
       unsigned int sid_ctx_len ); int SSL_set_session_id_context(
	       SSL	*ssl,	   const      unsigned	    char     *sid_ctx,
       unsigned int sid_ctx_len );

DESCRIPTION
       The SSL_CTX_set_session_id_context() function sets the context  sid_ctx
       of  length sid_ctx_len within which a session can be reused for the ctx
       object.

       The SSL_set_session_id_context() function sets the context  sid_ctx  of
       length  sid_ctx_len  within  which  a session can be reused for the ssl
       object.

NOTES
       Sessions are generated within a	certain	 context.  When	 exporting  or
       importing sessions with i2d_SSL_SESSION or d2i_SSL_SESSION it is possi‐
       ble, to reimport a session generated from another context (e.g. another
       application),  which might lead to malfunctions. Therefore, each appli‐
       cation must set its own session id context sid_ctx  which  is  used  to
       distinguish  the	 contexts  and	is  stored  in exported sessions.  The
       sid_ctx can be any kind of binary data with a given length.  For	 exam‐
       ple,  it	 is  possible to use the name of the application, the hostname
       and/or the service name.

       The session id context becomes part of the session. The session id con‐
       text is set by the SSL/TLS server. The SSL_CTX_set_session_id_context()
       and SSL_set_session_id_context() functions are therefore only useful on
       the server side.

       OpenSSL	clients	 will  check  the  session  id context returned by the
       server when reusing a session.

       The maximum length  of  the  sid_ctx  is	 limited  to  SSL_MAX_SSL_SES‐
       SION_ID_LENGTH.

RESTRICTIONS
       If  the session id context is not set on an SSL/TLS server, stored ses‐
       sions will not be reused. A fatal error will be flagged and  the	 hand‐
       shake will fail.

       If a server returns a different session id context to an OpenSSL client
       when reusing a session, an error will be flagged and the handshake will
       fail.   OpenSSL	servers will always return the correct session id con‐
       text, because an OpenSSL server checks the session  id  context	before
       reusing a session.

RETURN VALUES
       The  SSL_CTX_set_session_id_context()  and SSL_set_session_id_context()
       functions return the following values: 0

	      The  length  sid_ctx_len	of  the	 session  id  context  sid_ctx
	      exceeded	 the   maximum	 allowed  length  of  SSL_MAX_SSL_SES‐
	      SION_ID_LENGTH. The error is logged to the error stack.  1

	      The operation succeeded.

SEE ALSO
       Functions: ssl(3)

					     SSL_CTX_set_session_id_context(3)

Vote for polarhome